Existing malware analysis services suffer from several deficiencies. First, some of these services, although competent for some malware threats, are not enough to combat a malware infection. One cannot just rely on a sandbox to determine what a piece of malware has done. Second, several previous attempts are built to target only a single type of malware or platform, e.g. Microsoft® Windows®. Yet, malware is often platform agnostic, and can target multiple platforms. Third, some of these services do not produce output understandable to anyone beyond those with specialized training, e.g. a degree in Computer Science. This limits the usefulness of these services to users that do not possess the specialized training.
What is needed is a design such that as malware threats change and evolve, the analysis conducted by the various processing elements can change and evolve as well.